Sygnia incident responder Ryan Goldberg and DigitalMint ransomware negotiator Kevin Martin each received four-year federal prison sentences for deploying BlackCat/ALPHV
Nefilim ransomware affiliate Artem Stryzhak, 35, faces sentencing May 6, 2026 after pleading guilty to conspiracy to commit computer fraud.
Trend Micro on May 5, 2026 disclosed QLNX (Quasar Linux), a Linux implant targeting software developers with a 58-command shell,
CVE-2026-29014 in MetInfo CMS 7.9–8.1 is being actively exploited since April 25, 2026 via unauthenticated PHP injection achieving full server
The FTC on May 5, 2026 proposed banning data broker Kochava from selling Americans’ location data without consent. The 2022
CVE-2026-23918 is a CVSS 8.8 double-free in Apache HTTP Server 2.4.66 mod_http2, causing DoS on default deployments and RCE on
Cisco Talos on May 5, 2026 linked UAT-8302, a China-nexus APT, to government espionage campaigns across South America and southeastern
Deniss Zolotarjovs, Karakurt’s “cold case” extortion negotiator, received an 8.5-year U.S. federal prison sentence — the first conviction of a
Microsoft disclosed an AiTM phishing campaign targeting 35,000 users in 13,000 organizations across 26 countries between April 14–16, 2026, bypassing
Palo Alto Networks disclosed CVE-2026-0300 on May 6, 2026 — a CVSS 9.3 unauthenticated buffer overflow in PAN-OS Captive Portal
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.